punting on dealing with backwards compat with length-included
checksums.
* etypes.c: Add ENCTYPE_LOCAL_DES3_HMAC_SHA1 as a temporary
kludge. Note that this is added to the end of the array so other
code can lop off the last member of the array and the right thing
will happen so that it is possible to disable des3-marc-hmac-sha1
from the KDC command line, for instance.
* configure.in: Conditionalize ATHENA_DES3_KLUDGE on
--enable-athena.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11099
dc483132-0cff-0310-8789-
dd5450dbe970
+Tue Jan 5 00:06:02 1999 Tom Yu <tlyu@mit.edu>
+
+ * make_checksum.c (krb5_c_make_checksum): Note the fact that we're
+ punting on dealing with backwards compat with length-included
+ checksums.
+
+ * etypes.c: Add ENCTYPE_LOCAL_DES3_HMAC_SHA1 as a temporary
+ kludge. Note that this is added to the end of the array so other
+ code can lop off the last member of the array and the right thing
+ will happen so that it is possible to disable des3-marc-hmac-sha1
+ from the KDC command line, for instance.
+
+ * configure.in: Conditionalize ATHENA_DES3_KLUDGE on
+ --enable-athena.
+
1998-11-13 Theodore Ts'o <tytso@rsts-11.mit.edu>
* Makefile.in: Set the myfulldir and mydir variables (which are
KRB5_BUILD_LIBOBJS
KRB5_BUILD_LIBRARY
+dnl XXX This will go away soon. -- tlyu
+AC_ARG_ENABLE([athena],
+[ --enable-athena build with MIT Project Athena configuration
+ -- here meaning use temporary DES3 etype that
+ includes 32-bit length codings],
+[AC_DEFINE(ATHENA_DES3_KLUDGE)],)
K5_GEN_MAKEFILE(., lib libobj)
K5_GEN_MAKEFILE(crc32, libobj)
K5_GEN_MAKEFILE(des, libobj)
&krb5_enc_des, &krb5_hash_sha1,
krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt,
krb5_dk_string_to_key },
+#ifdef ATHENA_DES3_KLUDGE
+ { ENCTYPE_LOCAL_DES3_HMAC_SHA1,
+ "des3-marc-hmac-sha1",
+ "Triple DES with HMAC/sha1 and 32-bit length code",
+ &krb5_enc_des3, &krb5_hash_sha1,
+ krb5_marc_dk_encrypt_length, krb5_marc_dk_encrypt, krb5_marc_dk_decrypt,
+ krb5_dk_string_to_key },
+#endif
};
int krb5_enctypes_length =
ret = (*(krb5_cksumtypes_list[i].keyhash->hash))(key, 0, input, &data);
} else if (krb5_cksumtypes_list[i].flags & KRB5_CKSUMFLAG_DERIVE) {
/* any key is ok */
-
+#ifdef ATHENA_DES3_KLUDGE
+ /*
+ * XXX Punt on actually using krb5_marc_dk_make_checksum
+ * for now because we never actually use a DES3 session key
+ * anywhere on Athena, and this is temporary anyway.
+ * In any case, it's way too hairy to actually make this work
+ * properly.
+ */
+#endif
ret = krb5_dk_make_checksum(krb5_cksumtypes_list[i].hash,
key, usage, input, &data);
} else {